Lucene search

[email protected]CVE-2002-0118

HistoryMar 25, 2002 - 5:00 a.m.

CVE-2002-0118

2002-03-2505:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

infopop

ubb 6.2.0

xss

vulnerability

remote script execution

nvd

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

CPENameOperatorVersion
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.2.0_beta_release_1.0
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0.1
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0beta
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0.3
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq5.4.7e
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0.2
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0.4f
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq6.0
infopop:ultimate_bulletin_boardinfopop ultimate bulletin boardeq5.43

CPE	Name	Operator	Version
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.2.0_beta_release_1.0
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0.1
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0beta
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0.3
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	5.4.7e
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0.2
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0.4f
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	6.0
infopop:ultimate_bulletin_board	infopop ultimate bulletin board	eq	5.43

References

online.securityfocus.com/archive/1/249031

www.iss.net/security_center/static/7838.php

www.securityfocus.com/bid/3829

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON